package com.flower.oauthserver.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;
import org.springframework.security.oauth2.provider.token.store.redis.RedisTokenStore;



/**
 * @ClassName AuthorizationConfig
 * @Description TODO
 * @Author 张晓焕
 * @Date 2022/7/11 15:15
 * @Version 1.0
 */
@Configuration
public class AuthorizationConfig extends AuthorizationServerConfigurerAdapter {
 //   @Autowired
 //   RedisConnectionFactory lettuceConnectionFactory;

    @Autowired
    AuthenticationManager authenticationManager;


    @Autowired
    TokenStore tokenStore;


    /**
     * @author 吃麻椒的花酱
     * @date 2022/7/11 15:19
     * @Description 将redis与token连接起来
     * @param
     * @return org.springframework.security.oauth2.provider.token.TokenStore
     */
  //  @Bean
   // public TokenStore tokenStore() {
    //  return   new RedisTokenStore(lettuceConnectionFactory);
   // }

    @Bean
    public TokenStore tokenStore() {
        return new JwtTokenStore(jwtAccessTokenConverter());
    }
    /**
     * @author 吃麻椒的花酱
     * @date 2022/7/13 16:33
     * @Description token转换器
     * @param
     * @return org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter
     */
    @Bean
    public  JwtAccessTokenConverter jwtAccessTokenConverter() {
        JwtAccessTokenConverter jwt= new JwtAccessTokenConverter();
        jwt.setSigningKey("flowerhua");
        return jwt;
    }



    //http:127.0.0.1:8081/oauth/authorize?response_type=code&client_id=web&redirect_uri=https://sa-token.dev33.cn/
    /**
     * @author 吃麻椒的花酱
     * @date 2022/7/11 15:21
     * @Description 配置第三方应用
     * @param clients authorization_code", "password", "client_credentials", "implicit", "refresh_token"
     * @return void
     */
    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
        clients.inMemory().withClient("web")//客户端id
                .secret("flower")//应用密码
                .scopes("read")//作用域
                .authorizedGrantTypes("authorization_code") //授权模式
                .accessTokenValiditySeconds(7200)// token有效时间
                .redirectUris("https://sa-token.dev33.cn/")//重定向地址
                .and()
                .withClient("web-password")
                .secret("flowerhua")
                .scopes("all")
                .authorizedGrantTypes("password","refresh_token")
                .accessTokenValiditySeconds(7200);
    }

    /**
     * @author 吃麻椒的花酱
     * @date 2022/7/11 15:31
     * @Description 暴露授权服务给token存储 暴露认证管理器
     * @param endpoints
     * @return void
     */
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
        endpoints.tokenStore(tokenStore()).authenticationManager(authenticationManager)
                .accessTokenConverter(jwtAccessTokenConverter());
    }

}
